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Amendment 

Please replace all prior versions and listings of claims with the following listing of claims. 
Listing of Claims: 

1. (Currently Amended) A method of mon i toring for detecting and preventing attacks 
directed at a target system network commun i cations for on indicat i on of an attack and 
d i sab l ing the network commun i cat i ons upon an ex i stence of a predetermined cond i tion , 
comprising: 

receiving one or more packets originating from a source system, the received packets 
directed to the target system; 

mon i toring data packets rece i ved at a target system in rea l time; 

monitoring i dentifying the received 4dte packets that are to identify one or more of the 
packets that include information associated with s i gnatures of the a signature of an attack 
directed at the target system ; 

determ i n i ng a sever i ty of the attack; and 

blocking the identified packets from being transmitted to the target system; and 
blocking one or more subsequently received the data packets from entering being 
transmitted to the target system when the a severity of the attack exceeds a predetermined 
threshold , the subsequently blocked packets including one or more of packets originating from 
the source system or directed to the target system . 

2. (Currently Amended) The method according to claim 1, wherein monitoring the data 
packets includes determining received at the target system are monitored based on at least 
one of identifying information a«d or a type of communication associated with the monitored 
packets . 
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3. (Currently Amended) The method according to claim 2, wherein the identifying 
information includes at least one of a source a« Internet Protocol address , a source port 
number, a destination Internet Protocol address, or a destination a«4 a port number. 

4. (Currently Amended) The method according to claim 2, wherein the type of 
communication includes at least one of [[a]] File Transfer Protocol, [[a]] Simple Mail Transfer 
Protocol, Telnet, Domain Name System, Windows Internet Name System, HyperText Transfer 
Protocol, Traceroute, instant messaging, and or chat. 

5. (Currently Amended) The method according to claim 1, wherein monitoring the data 
packets includes rece i ved at tho target system aro mon i tored using Transmission Control 
Protocol/Internet Protocol at an application layer. 

6. (Currently Amended) The method according to claim 1, further comprising determining 
wherein the severity of the attack is determined based on at least one of a frequency of the 
attack, a type of communication, a change in an amount of bandwidth, a«d or a volume of the 
received data packets. 

7. (Currently Amended) The method according to claim 1, wherein blocking the data 
packets from being transmitted to aro b l ocked from enter i ng the target system by includes 
instructing at least one of a router, a hub, a server, a«d or a firewall to disable a 
communication channel. 

8. (Currently Amended) The method according to claim 1, further comprising tho stop of 
notifying an attack i ng the source system of a detect i on of that the attack has been detected 
and that of b l ocking tho data packets subsequently sent from the attacking source system will 
be blocked. 
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9. (Currently Amended) The method according to claim 1, wherein the subsequently 
received data packets are blocked from entering being transmitted to the target system for a 
predetermined amount of time. 

10. (Currently Amended) A system for protecting a computer network, comprising at least 
one computer readable medium associated with a device coupled to the network, the 
computer readable medium including : 

a detection module that receives attack signatures associated with attacks directed at a 
target device data packets and monitors received data packets to identify one or more of the 
packets that include information associated with fef the attack signatures; 

a scanning module that evaluates the roco i vod data identified packets having the attack 
s i gnatures and determ i nes to determine a severity of an attack on the computer network 
target device; and 

a blocking module that identifies a source of the attack identified packets, a«d instructs 
at least one sw i tching device to block the data identified packets from being transmitted to the 
target device, and instructs the at least one device to block one or more subsequently received 
packets from being transmitted to the target device when associated with the attack s i gnatures 
if the severity of the attack exceeds a predetermined threshold , the subsequently blocked 
packets including one or more of packets originating from the source or directed to the target 
device . 

11. (Currently Amended) The system according to claim 10, wherein the computer 
readable medium further includes compris i ng a log module that is adapted to create creates a 
log of the rece i ved data packets identified as including the information associated with having 
the attack signatures. 

12. (Currently Amended) The system according to claim 10, wherein the detection module 
i s adapted to mon i tor monitors the received data packets based on by determining at least one 
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of identifying information af*d or a type of communication associated with the monitored 
packets , 

13. (Currently Amended) The system according to claim 10, wherein the scanning module 
is adapted to dotormino determines the severity of the attack based on at least one of a 
frequency of the attack, a type of communication, a change in an amount of bandwidth, af*d or 
a volume of the received data packets. 

14. (Currently Amended) The system according to claim 10, wherein the blocking module 
blocks data the packets from being transmitted to the target device ontoring tho computer 
network by instructing at least one of a router, a hub, a server, a«d or a firewall to disable a 
communication channel. 

15. (Currently Amended) The system according to claim 14, wherein the blocking module 
blocks the data packets from being transmitted to the target device entering tho computer 
network for a predetermined amount of time. 

16. (Currently Amended) A computer readable medium containing computer executable 
instructions program product for detecting and preventing attacks directed at a target system 
enab l ing a computer to monitor rece i ved data packets and to disab l e a transmiss i on med i um 
between a source computer and a dest i nation network upon an ex i stence of o predetermined 
cond i t i on, the computer executable program product hav i ng instructions for enab l ing tho 
computer to perform operat i ons comprising operable to : 

receive one or more packets originating from a source system, the received packets 
directed to the target system; 

mon i toring data packets rece i ved at a destination network; 

monitor identify i ng the received data packets that are to identify one or more of the 
packets that include information associated with s i gnatures a signature of an attack directed at 
the target system ; 
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determ i ning o sovority of tho attack; and 

block the identified packets from being transmitted to the target system; and 
block one or more subsequently received b l ocking tho data packets from ontoring being 
transmitted to the target system dest i nation network when the a severity of the attack exceeds 
a predetermined threshold , the subsequently blocked packets including one or more of packets 
originating from the source system or directed to the target system . 

17. (Currently Amended) The computer readable medium program product according to 
claim 16, wherein the received clata packets are monitored transparently in real time. 

18. (Currently Amended) The computer readable medium program product according to 
claim 16, wherein the received date packets are monitored after being stored in a storage 
buffer. 

19. (Currently Amended) The computer readable medium program product according to 
claim 16, the instructions further operable to determine where i n the severity of the attack \s 
determined based on at least one of a frequency of the attack, a type of communication, a 
change in an amount of bandwidth, or a volume of the received data packets. 

20. (Currently Amended) The computer readable medium program product according to 
claim 16, the instructions operable to block wherein the clata packets are b l ocked from being 
transmitted to ontoring the target system by instructing at least one of a router, a hub, a 
server, bb4 or a firewall to disable a communication channel. 

21. (Currently Amended) The computer readable medium program product according to 
claim 16, the instructions further operable to notify the compris i ng tho stop of notify i ng an 
attack i ng source system of a detection of that the attack has been detected and that of 
b l ocking tho data packets subsequently sent from the attacking source system will be blocked . 
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22. (Currently Amended) The computer readable medium program product according to 
claim 16, whoroin the instructions operable to block the data packets are b l ocked from being 
transmitted to enter i ng the target system for a predetermined amount of time. 

23. (Currently Amended) A computer system configured for detecting and preventing 
attacks directed at target devices to monitor data packets received on a transmiss i on med i um 
for an indicat i on of an attack and to b l ock receipt of the data packets upon an existence of a 
predeterm i ned cond i tion , comprising: 

at least one terminal device; 

an app li cation server that i s coup l ed to the at l east one termina l device for process i ng 
requests sent by the at l east one termina l dev i ce; 

at least one a monitor i ng server that is coupled to a computer network and to the 
app l icat i on server for terminal device, the server operable to monitoring data monitor packets 
directed to the terminal device, the mon i tor i ng server having one or more modules compr i s i ng^ 
including : 

a ftfst detection module that receives attack signatures associated with attacks 
directed at the terminal device data packets and monitors received data packets to 
identify one or more of the packets that include information associated with fef the 
attack signatures; 

a second scanning module that evaluates the rece i ved data packets having the 
attack signatures and determines to determine a severity of an attack on the computer 
system terminal device ; and 

a tJwd blocking module that identifies a source of the attack identified packets, 
a«d instructs at least one switching device to block the data identified packets from 
being transmitted to the terminal device, and instructs the at least one switching device 
to block one or more subsequently received packets from being transmitted to the 
terminal device when assoc i ated with the attack s i gnatures i f the severity of the attack 
exceeds a predetermined threshold , the subsequently blocked packets including one or 
more of packets originating from the source or directed to the terminal device . 
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24. (Currently Amended) The computer system according to claim 23, wherein the 
mon i tor i ng server further compr i ses includes a fourth log module that creates a log of the 
rece i ved data packets identified as including the information associated with having the attack 
signatures. 

25. (Currently Amended) The computer system according to claim 23, further comprising a 
database coupled to the monitor i ng server. 

26. (Currently Amended) The computer system according to claim 23, wherein the ftfst 
detection module is adapted to monitor monitors the received data packets based on by 
determining at least one of identifying information attd or a type of communication associated 
with the monitored packets . 

27. (Currently Amended) The computer system according to claim 23, wherein the tlwd 
scanning module i s adapted to dotorm i no determines the severity of the attack based on at 
least one of a frequency of the attack, a type of communication, a change in an amount of 
bandwidth, a«d or a volume of the received data packets. 

28. (Currently Amended) The computer system according to claim 23, wherein the fourth 
blocking module blocks data packets from being transmitted to the terminal device entering 
the computer network by instructing at least one of a router, a hub, a server, a«d or a firewall 
to disable a communication channel. 

29. (Currently Amended) The computer system according to claim 23, wherein the fourth 
blocking module blocks the data packets from being transmitted to the terminal device 
enter i ng the network computer for a predetermined amount of time. 
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30. (Currently Amended) The computer system according to claim 23, whoro i n the 
mon i tor i ng server further operable to issue i ssues an alert to inform an administrator of the 
network of the attack on the computer system terminal device . 

31. (New) The method according to claim 3, the subsequently blocked packets including 
packets associated with one or more of the source Internet Protocol address, the source port 
number, the destination Internet Protocol address, or the destination a port number. 
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